If I were to ask you what software was installed on your
computer would you be able to tell me?
It’s a simple enough question to answer you’d think – you’ve
got your browser or two, probably a version of Office, some antivirus software,
and maybe an account package or some games. If you install your software using
standard install packages then you will find them listed in the control panel
under Programs and Features. It’s always interesting to see what’s listed, and
what you can identify, because when I examine a customer’s computer I’ll
invariably find several programs they had no knowledge of installing and one or
two really obscure ones that I have to Google for (almost always before I
remove them). When I write up the job I describe this part of it as ‘removed
unwanted programs’.
The question we are always asked is “how did this software
get there”. And the answer is of course that you installed it. This certainly
wasn't something you did intentionally but the sad fact is that a lot of the
free software that we regularly install will come with a hidden payload that
you will only see if you look carefully while you are installing it.
We are talking here about the fringes of the dark Internet;
that borderland where what is going on certainly isn't good, but falls short of
the activities of the criminal dark side. It's a confusing world where a button
on a webpage may not do what you think it's going to do; where you need to be
on your toes to make sure you don't click the big green ‘Start Download’ button
because the one you really want is a little one above it, and it’s the sort of
place that would confuse the hell out of your parents. Welcome to the world of
foist-ware
At one end of the scale you've got Adobe who I seem to
mention far too frequently - their default download of Adobe reader tries to
foist a copy of McAfee Security Scan, which is top of our list for instant
removal. Two respectable companies there, both of which should know better.
Next let's take the example of another respected name; Java.
As you'll know Java will regularly prompt you for an upgrade. If you look
carefully at the install screen it will have a pre-ticked box that will install
the Ask toolbar and make Ask your default search provider. Apart from the fact
that the Ask search engine is absolutely terrible, this resetting of your
search engine without your actual permission is exactly the sort of thing that
malware will do. Evil is as evil does.
Another piece of software that we regularly see installed is
uTorrent, which has gone from being a well-respected bit torrent client to a bit
of a whore when it comes to foist-ware. Their recent partnerships have included
the Ask toolbar, another piece of borderline malware called Search Protect,
and at one stage even the Bing toolbar. I mean which self-respecting user
would ever knowingly install any of that tat?
There is of course a reason for all this and it comes down
to the commission that is paid for deploying these nasty bits of software, but
the ends shouldn’t justify the means. It reminds me a little bit of the old
days of trying to book a flight with budget airline, where just as you were
about to check out you noticed that the price has mysteriously changed, and on
closer examination you'd spot that travel insurance had been added to your
purchase.
In the name of consumer protection this sort of practice has
since been stopped, but for some reason the low-life that pedal a lot of the
software that we customarily remove from computers seem to think that the same
rules shouldn't apply to them. Given that generally users don't want their
software, didn't ask for it, and suffer in performance terms as a result of it
running, I have no hesitation in calling them out as peddlers of malware.
They may claim legitimacy and threatened to sue those who
attack their business model, but it seems to me that a simple code of conduct that
states that software may only be installed on a computer when explicitly
requested by a user, rather than by means of a pre-ticked box, would see these
companies put out of business overnight. This simple change would at least
allow some separation between the bad guys and the rest of us, and I've no
doubt that products like Search Protect will find no place to hide if they are
forced to come out of the shadows.
